Uh, if the Access Log Value logged before the request was complete, how would it know the number of bytes written to log?
George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -----Original Message----- > From: Jason Brittain [mailto:jason.britt...@mulesource.com] > Sent: Friday, November 13, 2009 7:12 PM > To: Tomcat Users List > Subject: Re: AccessLogValve calling order > > Hi Chris. > > Thanks for diagnosing this problem! It appears you're right that it > logs > only after the session is invalidated (after the request is complete) > on a > logout request. That bug has existed in the code for a very long time, > unnoticed. The AccessLogValve was initially implemented to log only > after > the request processing is complete so that the client never needs to > wait > for the logging to complete. With the new addition of asynchronous > logging, > however, it's quite a bit less important to log only when the request > is > complete. It seems like it would help if the access logger could be > configurable to log either before or after handling the request (I'm > not > sure logging both before and after makes sense). Your ideas for %Sr > and > %{methodName}rm both seem useful as well, though I think the > %{methodName}rm > one has potential security & side effect issues. So, I would suggest > implementing your first two ideas. I'm also happy to help you with > that, if > you'd like. > > Cheers. > -- > Jason Brittain > MuleSoft <http://www.mulesoft.com> > > > On Fri, Nov 13, 2009 at 2:22 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > All, > > > > Amazingly enough, I had my first need to use AccessLogValve today, > and > > one of the things I wanted to print was the user's session id. No, > > problem: just add "%S" to the log pattern. > > > > Well, there is one problem: you can't spit-out the session id for > logout > > requests because the logic for the AccessLogValve is: > > > > if(enabled) > > invoke next valve > > print log message > > else > > invoke next valve > > > > Note that the request has essentially completed when the log message > is > > generated. This makes complete sense as you typically want to log > > /after/ the request so you can do things like find out how many bytes > > were sent, how long the request took, etc. > > > > In my case, I want to have access to the session id before the > session > > is invalidated (which happens in the logout servlet). > > > > Another option would be to get the requested session id from the > request > > (which can only be done with the current AccessLogValve if the client > is > > using cookies), though that can be misleading because anyone can > request > > anything... it's not guaranteed to use a useful value. > > > > Anyhow, I was wondering if anyone had any suggestions short of > heavily > > modifying the AccessLogValve or developing something from scratch. > > > > I'd also be happy to provide a patch for the AccessLogValve that add > any > > or all of the following capabilities: > > > > 1. Allow log before or after request (or both?) > > 2. Add requested session id to standard pattern options (%Sr?) > > or > > 3. Add %{xxx}rm to call ServletRequest.xxx and print the result > > (allows ${getRequestedSessionId}rm > > > > Any comments? > > > > Thanks, > > - -chris > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
